Erp

This hub aggregates every CVE we track for Erp, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Erp.

• CVE-2026-4175Aureus ERP Chatter Message content-text-entry.blade.php cross site scripting3.5Mar 15, 2026
• CVE-2026-24323Multiple vulnerabilities in BSP Applications of SAP Document Management System6.1Feb 10, 2026
• CVE-2026-0505Multiple vulnerabilities in BSP Applications of SAP Document Management System6.1Feb 10, 2026
• CVE-2025-14089Himool ERP AdminActionViewSet update_account improper authorization6.3Dec 5, 2025
• CVE-2025-29390jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the set_password function in application/controllers/home.php.8.8Apr 9, 2025
• CVE-2025-2706Digiwin ERP UploadAjaxAPI.ashx unrestricted upload6.3Mar 24, 2025
• CVE-2025-2705Digiwin ERP FileUploadApi.ashx DoWebUpload unrestricted upload7.3Mar 24, 2025
• CVE-2025-1646Lumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted upload7.3Feb 25, 2025
• CVE-2025-1165Lumsoft ERP FileUploadApi.ashx DoWebUpload unrestricted upload7.3Feb 11, 2025
• CVE-2024-7837SQLi in Firmanet Software's ERP8.2Nov 22, 2024
• CVE-2024-42563An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file.9.8Aug 20, 2024
• CVE-2024-42565ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/contact/delete?action=delete.9.8Aug 20, 2024
• CVE-2024-42564ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/inventory/delete?action=delete.7.6Aug 20, 2024
• CVE-2024-0491Huaxia ERP UserController.java password recovery5.3Jan 13, 2024
• CVE-2024-0490Huaxia ERP getAllList information disclosure5.3Jan 13, 2024